diff --git a/centreon-plugins/network/paloalto/ssh/mode/vpn.pm b/centreon-plugins/network/paloalto/ssh/mode/ipsec.pm
similarity index 58%
rename from centreon-plugins/network/paloalto/ssh/mode/vpn.pm
rename to centreon-plugins/network/paloalto/ssh/mode/ipsec.pm
index b4a7def7c..348ffc118 100644
--- a/centreon-plugins/network/paloalto/ssh/mode/vpn.pm
+++ b/centreon-plugins/network/paloalto/ssh/mode/ipsec.pm
@@ -18,7 +18,7 @@
 # limitations under the License.
 #
 
-package network::paloalto::ssh::mode::vpn;
+package network::paloalto::ssh::mode::ipsec;
 
 use base qw(centreon::plugins::templates::counter);
 
@@ -30,12 +30,12 @@ use centreon::plugins::templates::catalog_functions qw(catalog_status_threshold
 sub custom_status_output {
     my ($self, %options) = @_;
 
-    my $msg = sprintf(
-        'state: %s [type: %s]',
+    return sprintf(
+        'state: %s [monitor status: %s][ike phase1 state: %s]',
         $self->{result_values}->{state},
-        $self->{result_values}->{type}
+        $self->{result_values}->{monitor_status},
+        $self->{result_values}->{ike_phase1_state}
     );
-    return $msg;
 }
 
 sub set_counters {
@@ -43,36 +43,39 @@ sub set_counters {
 
     $self->{maps_counters_type} = [
         { name => 'global', type => 0 },
-        { name => 'vpn', type => 1, cb_prefix_output => 'prefix_vpn_output',  message_multiple => 'All vpn are ok', skipped_code => { -10 => 1 } },
+        { name => 'tunnels', type => 1, cb_prefix_output => 'prefix_ipsec_output',  message_multiple => 'All ipsec tunnels are ok', skipped_code => { -10 => 1 } },
     ];
 
     $self->{maps_counters}->{global} = [
-        { label => 'total-ipsec', nlabel => 'vpn.total.ipsec.count', display_ok => 0, set => {
+        { label => 'ipsec-total', nlabel => 'tunnels.ipsec.total.count', display_ok => 0, set => {
                 key_values => [ { name => 'total_ipsec' } ],
-                output_template => 'total ipsec vpn: %s',
+                output_template => 'total ipsec tunnels: %s',
                 perfdatas => [
-                    { value => 'total_ipsec_absolute', template => '%s', min => 0 },
-                ],
+                    { value => 'total_ipsec_absolute', template => '%s', min => 0 }
+                ]
             }
-        },
+        }
     ];
 
-    $self->{maps_counters}->{vpn} = [
+    $self->{maps_counters}->{tunnels} = [
         { label => 'status',  threshold => 0, set => {
-                key_values => [ { name => 'state' }, { name => 'type' }, { name => 'display' } ],
+                key_values => [
+                    { name => 'state' }, { name => 'ike_phase1_state' },
+                    { name => 'monitor_status' }, { name => 'display' }
+                ],
                 closure_custom_calc => \&catalog_status_calc,
                 closure_custom_output => $self->can('custom_status_output'),
                 closure_custom_perfdata => sub { return 0; },
-                closure_custom_threshold_check => \&catalog_status_threshold,
+                closure_custom_threshold_check => \&catalog_status_threshold
             }
-        },
+        }
     ];
 }
 
-sub prefix_vpn_output {
+sub prefix_ipsec_output {
     my ($self, %options) = @_;
 
-    return "vpn '" . $options{instance_value}->{display} . "' ";
+    return "Tunnel ipsec '" . $options{instance_value}->{display} . "' ";
 }
 
 sub new {
@@ -83,7 +86,7 @@ sub new {
     $options{options}->add_options(arguments => {
         'unknown-status:s'    => { name => 'unknown_status', default => '' },
         'warning-status:s'    => { name => 'warning_status', default => '' },
-        'critical-status:s'   => { name => 'critical_status', default => '%{state} ne "active"' },
+        'critical-status:s'   => { name => 'critical_status', default => '%{ike_phase1_state} eq "down" or %{state} ne "active"' }
     });
 
     return $self;
@@ -103,18 +106,26 @@ sub check_options {
 sub manage_selection {
     my ($self, %options) = @_;
 
-    my $result = $options{custom}->execute_command(command => 'show vpn flow', ForceArray => ['entry']);
+    my $result = $options{custom}->execute_command(command => 'show vpn ike-sa', ForceArray => ['entry']);
 
     $self->{global} = { total_ipsec => 0 };
-    $self->{vpn} = {};
-    foreach (@{$result->{IPSec}->{entry}}) {
-        $self->{vpn}->{$_->{name}} = {
+    $self->{tunnels} = {};
+    foreach (@{$result->{tunnels}}) {
+        $self->{tunnels}->{$_->{gwid}} = {
             display => $_->{name},
-            type => 'ipsec',
-            state => $_->{state}
+            ike_phase1_state => defined($_->{created}) && $_->{created} ne '' ? 'up' : 'down',
+            monitor_status => 'unknown', # could be 'up', 'down', 'off'
+            state => 'unknown'
         };
+
         $self->{global}->{total_ipsec}++;
     }
+
+    $result = $options{custom}->execute_command(command => 'show vpn flow', ForceArray => ['entry']);
+    foreach (@{$result->{IPSec}->{entry}}) {
+        $self->{tunnels}->{$_->{gwid}}->{state} = $_->{state};
+        $self->{tunnels}->{$_->{gwid}}->{monitor_status} = $_->{mon};
+    }
 }
 
 1;
@@ -123,29 +134,29 @@ __END__
 
 =head1 MODE
 
-Check vpn.
+Check ipsec tunnels.
 
 =over 8
 
 =item B<--unknown-status>
 
-Set unknown threshold for status (Default: '').
-Can used special variables like: %{state}, %{type}, %{display}
+Set unknown threshold for status.
+Can used special variables like: %{ike_phase1_state}, %{state}, %{monitor_status}, %{display}.
 
 =item B<--warning-status>
 
-Set warning threshold for status (Default: '').
-Can used special variables like: %{state}, %{type}, %{display}
+Set warning threshold for status.
+Can used special variables like: %{ike_phase1_state}, %{state}, %{monitor_status}, %{display}.
 
 =item B<--critical-status>
 
-Set critical threshold for status (Default: '%{state} ne "active"').
-Can used special variables like: %{state}, %{type}, %{display}
+Set critical threshold for status (Default: '%{ike_phase1_state} eq "down" or %{state} ne "active"').
+Can used special variables like: %{ike_phase1_state}, %{state}, %{monitor_status}, %{display}.
 
 =item B<--warning-*> B<--critical-*>
 
 Thresholds.
-Can be: 'total-ipsec'.
+Can be: 'ipsec-total'.
 
 =back
 
diff --git a/centreon-plugins/network/paloalto/ssh/plugin.pm b/centreon-plugins/network/paloalto/ssh/plugin.pm
index 14cdfa82f..52b69c872 100644
--- a/centreon-plugins/network/paloalto/ssh/plugin.pm
+++ b/centreon-plugins/network/paloalto/ssh/plugin.pm
@@ -34,8 +34,8 @@ sub new {
         'environment' => 'network::paloalto::ssh::mode::environment',
         'ha'          => 'network::paloalto::ssh::mode::ha',
         'interfaces'  => 'network::paloalto::ssh::mode::interfaces',
-        'system'      => 'network::paloalto::ssh::mode::system',
-        'vpn'         => 'network::paloalto::ssh::mode::vpn',
+        'ipsec'       => 'network::paloalto::ssh::mode::ipsec',
+        'system'      => 'network::paloalto::ssh::mode::system'
     );
 
     $self->{custom_modes}{ssh} = 'network::paloalto::ssh::custom::cli';